The security week that was: 10/24/08

Show me your papers, comrade!

Ever been hassled at the airport? If not, then ask Kevin Mitnick about his experience before the ASIS show last month. Kevin is a former hacker turned security researcher and penetration tester who was sequestered by the CBP and ICE when he was flying into Atlanta to speak at that ASIS show. Fortunately, most people don't get the level of scrutiny that Kevin was subjected to. He was carrying a prox card sniffer/spoofer and a full lock-picking set that he was using as props for his keynote presentation during the show. His business card also happens to be a condensed lock-picking set. He had something like three or four cell phones in his bag. And multiple laptops. And he also had a little unit that can steal cellular phone address books via Bluetooth connectivity.

And while most of us don't carry the red-flag-raising tools that Kevin had with him, plenty of citizens have found themselves being questioned because they shared the same name as someone on the Do-Not-Fly list. Now the Department of Homeland Security is taking action to help correct that.

They announced that in 2009, flyers will need to provide their full name and date of birth to the airline. This information will then be cross-referenced to info on the assorted "watch" lists, and the eventual goal is that John Jones the retiree wouldn't be pulled aside because he was thought to be John Jones the terrorist supporter. This is a very small invasion of privacy, but not one that would bother most Americans. I think we'd gladly provide our full name and date of birth if it means we aren't accidentally thought to be someone we're not.

New technology for video storage
TimeSight Systems comes to market

I was up this week at the IQsummit 2008, an event from IQinVision in Philadelphia, Penn. You can read my report on that event, which includes some of the thoughts I collected on network video and megapixel surveillance. You can also enjoy a new SIW Radio podcast about video lifecycle management.

On Tuesday, just before they attended the IQsummit, TimeSight Systems unveiled itself to the industry with the ability to manage how we store video surveillance. The company's core technology is that it can be set up such that full resolution streams are saved for the first time period; then the stream can be lowered (repeatedly if needed) in terms of file size/compression. So imagine keeping full, high-res video for the first week. Then you could compress that video even further after a week (since you probably won't need the video for evidentiary purposes if you haven't had a report of an incident in that first week) so that you can store even more video on a single NVR. The company's product is available as an NVR now, but I sensed that the company may be able to license out this patented technology to other video storage products competitors. The full interview is available in the podcast.

In other news
Beyond IT products distribution; JC buys Gridlogix; bank letters; more...

It worked in the U.S. for companies like ScanSource, BlackBox and Anixter, which now deliver physical security products in addition to a full complement of IT and networking products. Now that same concept is being tested in the UK. Computerlinks, a distributor of IT products across Europe, is now moving into physical security products. The reason for this shift? Some 60 percent of VARs who were using Computerlinks wanted to get into the converged data and physical security market.

In the building automation and management space, Johnson Controls has purchased Gridlogix. ... Some 50 letters have been sent to banks and other financial institutions with a threat of "payback"; some of the letters contained a white powder that proved to be harmless. The FBI is investigating the letters. ... Fights on the campus of Western Kentucky University were apparently misreported as gunfire incidents and the campus was locked down earlier this week. Students are now being questioned in relation to the incident. ... Those millimeter wave scanners for full-body screening continue to catch flack from those who like a little privacy. The machines can see everything about your body and, yes, I do mean everything. The current concept is to blur a person's face on the screen and set up the machines such that the machine's operator would never see the actual person who is being scanned. ... Motorola is selling off its AFIS biometrics business to Sagem Securite (dba Sagem Morpho in the U.S.).

Shameless site plug of the week
You knew it was coming...

Join our SIW discussion forums. Some 3,500 of your industry peers have already done so. We've got great ongoing discussions for VARs, integrators, dealers, security directors, fire folks, security officers and more. Registration is free and relatively easy (we have to keep out any spammers and keep it open to security, fire and networking-related pros, so it's not quite instant).

Of course, we close as always with a quick look at the most popular stories of the week: